d27b7d43c04fb8523aa2d807aff989c2cbc7d55822b9442fa2edb94d5b087699

Analysis

max time kernel
150s
max time network
121s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
09-05-2024 15:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
Size

404KB
MD5

783c04621e2cba93d0f4fb9de05f8900
SHA1

71bb650767d93b9a58e58520ed6c0de0a032b8f7
SHA256

d27b7d43c04fb8523aa2d807aff989c2cbc7d55822b9442fa2edb94d5b087699
SHA512

07d077c76fa0d3ef028052f588372830b9d31f259f5a544192cac34ea17ffb3a1695151b92bcdd017f49aeb7e96f132f3d07367aa2218362b470887b3c022305
SSDEEP

6144:Rqaa0JVN9Q7kRwSrJWrtEiOLAORtX2YX5LyvnMqqmc:c0JV/Q767lGEi+AORtmhnMqfc

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (2631) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\bin\javadoc.exe.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msadcer.dll.mui.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derby.war.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Detroit.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-spi-quicksearch.jar.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Trans_Notes_PAL.wmv.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Bucharest.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\WindowsAccessBridge-64.dll.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Mahe.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme_0.9.300.v20140424-2042.jar.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs-nio2_ja.jar.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\es-ES\wab32res.dll.mui.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_RGB6_PAL.wmv.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_globalstyle.css.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core.jar.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Genko_2.emf.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\msado21.tlb.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winClassicTSFrame.png.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Phoenix.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT-8.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_ko.properties.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santarem.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.docs.zh_CN_5.5.0.165303.jar.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\adcjavas.inc.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\oledb32r.dll.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Dot.png.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG.wmv.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\javah.exe.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\dsn.jar.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.nl_ja_4.4.0.v20140623020002.jar.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ja_5.5.0.165303.jar.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app.nl_zh_4.4.0.v20140623020002.jar.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Pipeline.dll.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-static.png.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-previous-over-select.png.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-fallback_ja.jar.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\jsdt.dll.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\TipTsf.dll.mui.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\java.exe.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-14.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui_5.5.0.165303.jar.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.nl_zh_4.4.0.v20140623020002.jar.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\IpsMigrationPlugin.dll.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground.wmv.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.docs_5.5.0.165303.jar.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\15x15dot.png.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ru.pak.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\1047x576black.png.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Noronha.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kamchatka.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Lisbon.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Chess\ChessMCE.lnk.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\dicjp.dll.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Resolute.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Singapore.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tokyo.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\com.jrockit.mc.console.ui.notification_contexts.xml.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-ui_zh_CN.jar.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Amsterdam.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\TabIpsps.dll.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.DLL.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NextMenuButtonIcon.png.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\pt-PT.pak.tmp	783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\783c04621e2cba93d0f4fb9de05f8900_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1912

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2737914667-933161113-3798636211-1000\desktop.ini.tmp

Filesize
404KB

MD5
6aa937d573106825cc6ad6140283e8a4

SHA1
9d2fa149806a47f1f2f41e7f445104ce85d481d2

SHA256
8ebc45c62bc9f138aa3df9621fa7dd1ccdcf96ee75c769ff312ba2f2135eac5b

SHA512
6b387aa0c81b68a99434940694991f0dc1a9eb952048b8c74e87601771e6480d83c67fce0167884d5325240de7d7bd23d9512f534f7e83c4fa8c9271bd04b179

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
413KB

MD5
cfcfb9a5f60ee0cc2a330db9045aa7e1

SHA1
64e83e072984decfb1c7fe3c95c1921081c4ee22

SHA256
e0a43b4989633dbe115510be442cca188e175c9b8deb66bb4f5d47d5aeff38e0

SHA512
68067381a922ff4e5aa014a1b95f55d0492729f22729474b2484cf2c2a7f51ff61153d4a71ec2b8f88feb9de7cedf64d41bf8a5f927670e0dabc380374bc8ca4

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads